Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

CISCO WARNS OF WIRELESS SECURITY HOLE

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News
View previous topic :: View next topic  
Author Message
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Mon Apr 12, 2004 8:18 pm    Post subject: CISCO WARNS OF WIRELESS SECURITY HOLE Reply with quote

CISCO WARNS OF WIRELESS SECURITY HOLE
========================================================================
Posted April 07, 2004 12:58 PM Pacific Time

Networking equipment maker Cisco Systems Inc. is warning customers about
a security hole in two products used to manage wireless LANs and
e-business services in corporate data centers.

For the full story:
http://newsletter.infoworld.com/t?ctl=5EEA56:1F6421C

was not going to put this but since suzi,s runing wireless thought an insight into wireless security holes was worth putting here. there are far worse ones out there.
like when people keep there default settings and pass words.

_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 21 Oct 2014
Posts: 10331
Location: at the beach

PostPosted: Tue Apr 13, 2004 9:20 pm    Post subject: Reply with quote

Thanks Dave. I'm not running wireless quite yet but will be soon.
Good link. Very Happy
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Tue Apr 13, 2004 9:34 pm    Post subject: Reply with quote

hello
suzi wireless can cave veary weak security if default pass words are kept or weak pass words and other default settings should be changed. but with a bit of reading up on your equipment your getting it will be nearly as safe as you are now.

_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
wawadave
Warrior Obsessed


Joined: 25 Jan 2004
Last Visit: 24 Jul 2009
Posts: 3448
Location: Illegitimus non carborundum

PostPosted: Thu Apr 15, 2004 8:53 am    Post subject: Reply with quote

Cisco fixes latest WLAN flaw

By Marguerite Reardon
CNET

Wireless local area network (LAN) products from Cisco Systems are under fire again after the release of a software tool exploiting an old vulnerability, but the company says it has a new protocol that fixes the problem.

Earlier this week, the networking company acknowledged a previously discovered vulnerability in its Lightweight Extensible Authentication Protocol (LEAP) that makes it easier for hackers to launch dictionary attacks to guess common passwords used to access wireless LANs. The company is now recommending that customers use a new security protocol called EAP-FAST (Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling) , which it said helps reduce this threat.

Dictionary attacks, which run through a massive file of words until finding a password match, threaten every form of password control. But the problem with LEAP let hackers greatly reduce the number of possible password matches, thus making the dictionary attacks faster and easier, said Joshua Wright, a security expert who alerted Cisco to the vulnerability. What's more, LEAP also allowed hackers to try their password matches offline, giving them ample time and access to hunt for matches.

Last August, Mr. Wright, who works for the SANS Institute network security group, discovered the LEAP vulnerabilities, and he developed a tool, called ASLEAP, to exploit them. After contacting Cisco, Mr. Wright agreed to hold onto the tool until Cisco developed an alternative authentication protocol and notified customers of the risks associated with using LEAP.

"When I discovered this weakness in the LEAP protocol, I searched the Cisco website for references to this vulnerability," he wrote on his website documenting the flaws. "I discovered one small reference to a dictionary attack vulnerability against user passwords, which I felt was insufficient notification for such a critical flaw in the protocol."

In February, Cisco submitted documentation to the Institute of Electrical and Electronics Engineers (IEEE) for EAP-FAST, which eliminates some of the problems with LEAP. Unlike LEAP, the new protocol does not allow hackers to limit the pool of potential password matches, which means that an attacker must try every word in the dictionary file to find a match. This slows down the attacker and makes gaining access to the network more difficult. EAP-FAST also doesn't allow the search for a match to be taken offline. In other words, a hacker must try the possible passwords on-line and risk being shut out of the network if it doesn't find a match in a certain number of attempts.

While EAP-FAST is an improvement over LEAP, it does not completely eliminate the risk of dictionary attacks, Mr. Wright warned. Like any password-protected security mechanism, EAP-FAST could still succumb to a dictionary attack.

"If you use passwords that are easy to figure out, no authentication product is going to protect you," said Mike Disabato, vice-president and service director at Burton Group. "End-users have to be smart about their password use."

In a statement, Cisco said it is aware of the dictionary attack method that exploits known vulnerabilities to password-based security schemes for WLANs. Cisco recommends that users review their security policies and institute previously published best practices that require the use of strong passwords to help make their systems impervious to this type of attack. It also recommends that customers using LEAP who cannot enforce a strong password policy and do not want to use security certificates migrate to EAP-FAST for protection from dictionary attacks.

The LEAP vulnerability is not the only security issue Cisco Wireless LAN customers have had to deal with lately. Last week, the company notified customers that a preset username and password coded into its Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) could give attackers complete control of the wireless LAN management devices. The company has posted software patches for both products.

But Cisco customers seem to be taking the security problems in stride.

"It doesn't really concern me," said Phil Go, CIO at Barton Malow, a $1.2-billion construction firm that uses Cisco's wireless LAN products. "Ideally, I'd like to see them do it right the first time, but in this business, new problems will always come up. I feel satisfied that they are addressing the problems as they come up."

Like those of software giant Microsoft, Cisco's products are more widely deployed than its competitors', and there is more scrutiny from the installed base once the product is released. Analysts say these companies should be doing more to protect customers.

"Microsoft and Cisco and any other big vendor out there are under pressure to get products to customers when they promised," Mr. Disabato said. "And sometimes they take short cuts or forget to check things. But I think they need everyone needs to start taking the extra step to make sure that these products are really secure."




_________________
RFID tags! SPYWARE
Tired of proprietary Cor-pirationware?
http://www.openoffice.org/
Installing Vista http://tinyurl.com/2l9qyd
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Security Notices & News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group